- # Generated by iptables-save v1.4.21 on Mon Jun 19 23:31:20 2017
- # security table: no rules, every built-in chain at policy ACCEPT.
- # The bracketed pair after each policy is its [packets:bytes] counter.
- *security
- :INPUT ACCEPT [2706801:1970020810]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [5253515:6648473184]
- COMMIT
- # Completed on Mon Jun 19 23:31:20 2017
- # Generated by iptables-save v1.4.21 on Mon Jun 19 23:31:20 2017
- # raw table: no rules, so nothing is exempted from connection tracking;
- # the conntrack matches in the filter table see all traffic.
- *raw
- :PREROUTING ACCEPT [2707433:1970307429]
- :OUTPUT ACCEPT [5256476:6648752279]
- COMMIT
- # Completed on Mon Jun 19 23:31:20 2017
- # Generated by iptables-save v1.4.21 on Mon Jun 19 23:31:20 2017
- # nat table: no rules, so this host does no DNAT/SNAT/masquerading.
- # Together with the filter table's FORWARD DROP policy, it is not acting as a router.
- *nat
- :PREROUTING ACCEPT [1432:453130]
- :INPUT ACCEPT [809:168463]
- :OUTPUT ACCEPT [1500:252646]
- :POSTROUTING ACCEPT [834:119513]
- COMMIT
- # Completed on Mon Jun 19 23:31:20 2017
- # Generated by iptables-save v1.4.21 on Mon Jun 19 23:31:20 2017
- # mangle table: no rules, every chain at policy ACCEPT (no packet marking or header rewriting).
- *mangle
- :PREROUTING ACCEPT [2707433:1970307429]
- :INPUT ACCEPT [2707405:1970304422]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [5256477:6648752591]
- :POSTROUTING ACCEPT [5254114:6648532787]
- COMMIT
- # Completed on Mon Jun 19 23:31:20 2017
- # Generated by iptables-save v1.4.21 on Mon Jun 19 23:31:20 2017
- # filter table, IPv4 only: iptables-save does not dump ip6tables rules, so IPv6 exposure
- # must be reviewed separately.
- # Default-deny in all three directions; a packet that matches no rule below is dropped.
- # Rules are evaluated top to bottom and the first terminating target wins, so order matters.
- *filter
- :INPUT DROP [0:0]
- :FORWARD DROP [0:0]
- # [14:1377] = packets:bytes that reached the OUTPUT DROP policy, i.e. egress that no rule allowed.
- :OUTPUT DROP [14:1377]
- # User-defined chains. The f2b-* names follow fail2ban's per-jail chain naming; plex is a local helper.
- :f2b-apache-auth - [0:0]
- :f2b-apache-badbots - [0:0]
- :f2b-apache-fakegooglebot - [0:0]
- :f2b-apache-nohome - [0:0]
- :f2b-apache-noscript - [0:0]
- :f2b-apache-overflows - [0:0]
- :f2b-apache-pass - [0:0]
- :f2b-apache-shellshock - [0:0]
- :plex - [0:0]
- # --- INPUT ---
- # The f2b-* hooks come first, ahead of the RELATED,ESTABLISHED accept, so an entry added to
- # one of these chains also applies to connections that are already open.
- # f2b-apache-pass is hooked on every TCP port (0:65535); the other jails only on 80,443.
- # NOTE(review): the jails cover port 80, but no rule below accepts new TCP 80 from arbitrary
- # sources; only 443 is opened. Confirm that plain HTTP is meant to be closed.
- -A INPUT -p tcp -m multiport --dports 0:65535 -j f2b-apache-pass
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-shellshock
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-fakegooglebot
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-nohome
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-overflows
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-noscript
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-badbots
- -A INPUT -p tcp -m multiport --dports 80,443 -j f2b-apache-auth
- # Loopback traffic is always allowed.
- -A INPUT -i lo -j ACCEPT
- # TCP 22 (SSH by convention) is reachable from the 192.168.1.0/24 LAN only.
- -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
- # Static blocks for two source addresses, covering every protocol and port. They sit above the
- # RELATED,ESTABLISHED rule, so existing flows from these addresses are rejected as well.
- # REJECT sends an ICMP port-unreachable reply; DROP would send nothing back.
- -A INPUT -s 218.65.30.43/32 -j REJECT --reject-with icmp-port-unreachable
- -A INPUT -s 153.99.182.23/32 -j REJECT --reject-with icmp-port-unreachable
- # Return traffic for connections that are already tracked.
- -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
- # All ICMP types are accepted from any source, with no rate limit.
- # NOTE(review): ICMP errors for tracked flows already match RELATED above; consider allowing
- # only the extra types that are needed (e.g. echo-request), rate-limited. Confirm requirements.
- -A INPUT -p icmp -j ACCEPT
- # 192.168.1.11 is fully trusted: any protocol, any port, any connection state.
- -A INPUT -s 192.168.1.11/32 -j ACCEPT
- # The only service open to arbitrary sources: new connections to TCP 443.
- -A INPUT -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
- # NetBIOS/SMB ports, LAN only, TCP only.
- # NOTE(review): NetBIOS name (137) and datagram (138) services normally run over UDP, and there
- # is no UDP rule for them, so that traffic hits the DROP policy for every LAN host except
- # 192.168.1.11. Confirm whether UDP 137/138 was intended.
- -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 137 -j ACCEPT
- -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 138 -j ACCEPT
- -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 139 -j ACCEPT
- -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 445 -j ACCEPT
- # These ports are handed to the plex chain, which accepts LAN sources only. Anything else
- # returns here, matches nothing further, and is dropped by the INPUT policy.
- -A INPUT -p tcp -m tcp --dport 32400 -j plex
- -A INPUT -p udp -m udp --dport 1900 -j plex
- -A INPUT -p tcp -m tcp --dport 3005 -j plex
- -A INPUT -p udp -m udp --dport 5353 -j plex
- -A INPUT -p tcp -m tcp --dport 8324 -j plex
- -A INPUT -p udp -m udp --dport 32410 -j plex
- -A INPUT -p udp -m udp --dport 32412 -j plex
- -A INPUT -p udp -m udp --dport 32413 -j plex
- -A INPUT -p udp -m udp --dport 32414 -j plex
- -A INPUT -p tcp -m tcp --dport 32469 -j plex
- # --- OUTPUT ---
- # Egress is allow-listed: loopback, replies on tracked connections, ICMP, anything to
- # 192.168.1.11, TCP 873 (rsync by convention), DNS over TCP and UDP, and new TCP 443.
- # The port rules carry no destination restriction, so they apply to any remote host.
- # NOTE(review): nothing here permits outbound TCP 80 or UDP 123; confirm that package updates
- # and time sync do not depend on them. The non-zero OUTPUT policy counter shows some egress is
- # already being dropped.
- -A OUTPUT -o lo -j ACCEPT
- -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
- -A OUTPUT -p icmp -j ACCEPT
- -A OUTPUT -d 192.168.1.11/32 -j ACCEPT
- -A OUTPUT -p tcp -m tcp --dport 873 -j ACCEPT
- -A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
- -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
- # Only the first packet matches NEW; the rest of the flow relies on the RELATED,ESTABLISHED rule above.
- -A OUTPUT -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT
- # --- f2b-* chains ---
- # Each chain holds only RETURN, so no per-address entries were present when this dump was taken.
- -A f2b-apache-auth -j RETURN
- -A f2b-apache-badbots -j RETURN
- -A f2b-apache-fakegooglebot -j RETURN
- -A f2b-apache-nohome -j RETURN
- -A f2b-apache-noscript -j RETURN
- -A f2b-apache-overflows -j RETURN
- -A f2b-apache-pass -j RETURN
- -A f2b-apache-shellshock -j RETURN
- # --- plex chain ---
- # Accept when the source is on the 192.168.1.0/24 LAN; otherwise return to INPUT.
- -A plex -s 192.168.1.0/24 -j ACCEPT
- -A plex -j RETURN
- COMMIT
- # Completed on Mon Jun 19 23:31:20 2017